devbox
Gausst松鼠会
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

elasticsearch7.2_es send message failed

作者:Gausst松鼠会 | 2024-04-20 13:40:03

es send message failed

1、安装配置

 

2、安装遇到的问题

2.1、警告:

  1. [2019-07-09T06:53:29,541][WARN ][o.e.b.JNANatives         ] [node1] unable to install syscall filter: 
  2. java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed

解决方法:

  1. bootstrap.system_call_filter: false
  2. bootstrap.memory_lock: true #防止es内存被交换出去

2.2、报错:

[1]: max number of threads [2048] for user [es] is too low, increase to at least [4096]

解决方法:

  1. ulimit -a 查看
  2. vim /etc/security/limits.conf
  3. 在最后添加:*代表所有用户
  4. hadoop soft nofile 65536
  5. hadoop hard nofile 131072
  6. hadoop soft nproc 4096
  7. hadoop hard nproc 4096

2.3、如果报错

[2]: system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk

加入

bootstrap.memory_lock: false

3、配置安全

bin/elasticsearch-setup-passwords interactive

需要开启:

  1. xpack.security.enabled: true
  2. xpack.security.transport.ssl.enabled: true

然后启动其他节点报错:

  1. send message failed [channel: Netty4TcpChannel{localAddress=0.0.0.0/0.0.0.0:56339, remoteAddress=/192.168.88.131:9300}]
  2. javax.net.ssl.SSLException: Received fatal alert: handshake_failure

生成证书:

  1. bin/elasticsearch-certutil ca
  2. bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

 

  1. xpack.security.transport.ssl.enabled: true
  2. xpack.security.transport.ssl.verification_mode: certificate 
  3. xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12 
  4. xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12

在java.policy

  1. grant{}中的最后一行加上:permission java.security.AllPermission;
  2. 因为给了所有权限
  3. 这样不对,还会报错 [1]: granting the all permission effectively disables security

加入到keystore

  1. bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
  2. bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

 

Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "/opt/elasticsearch-7.2.0/elastic-certificates.p12" "read")
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472) ~[?:1.8.0_191]

在java.policy加入:

  1.         permission java.io.FilePermission "/opt/elasticsearch-7.2.0", "read";
  2.         permission java.io.FilePermission "-", "read";

各个节点都配置

https://blog.csdn.net/MicoMecy/article/details/90642163

https://www.elastic.co/guide/en/elasticsearch/reference/7.2/configuring-tls.html#node-certificates

 

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/Gausst松鼠会/article/detail/457568
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号